LinuxQuestions.org
Welcome to the most active Linux Forum on the web.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Newbie
User Name
Password
Linux - Newbie This Linux forum is for members that are new to Linux.
Just starting out and have a question? If it is not in the man pages or the how-to's this is the place!

Notices


Reply
  Search this Thread
Old 05-14-2019, 12:17 PM   #1
daviddon
LQ Newbie
 
Registered: May 2019
Posts: 16

Rep: Reputation: Disabled
Build A Linux Lab


I am planning to build a centralized Linux environment for lab use. What essential components such as DNS, SSSD, etc do I need? If I can get an existing sample, that would be great.
 
Old 05-14-2019, 12:41 PM   #2
dc.901
Member
 
Registered: Aug 2018
Location: Atlanta, GA - USA
Distribution: CentOS 6-7; SuSE 8-12
Posts: 528

Rep: Reputation: 145Reputation: 145
Since this is for a lab; I would opt for virtualized environment.
Why? So that I can template a base image and spin up a new VM within minutes to do whatever.

Then it would depend on what is the lab for?
May need DNS, ldap, DB etc; this is up to you and requirements from your users/developers?
 
Old 05-14-2019, 01:07 PM   #3
sevendogsbsd
Member
 
Registered: Sep 2017
Distribution: FreeBSD, OpenSUSE
Posts: 968

Rep: Reputation: Disabled
Second dc.901's answer: VM is the way to go and you have to define your purpose first.
 
Old 05-14-2019, 02:03 PM   #4
daviddon
LQ Newbie
 
Registered: May 2019
Posts: 16

Original Poster
Rep: Reputation: Disabled
The purpose of this lab is to host research application written in Python. Other than DNS and LDAP do I need to install Kerberos server?
 
Old 05-14-2019, 02:25 PM   #5
Turbocapitalist
Senior Member
 
Registered: Apr 2005
Distribution: Linux Mint, Devuan, OpenBSD
Posts: 4,020
Blog Entries: 3

Rep: Reputation: 1918Reputation: 1918Reputation: 1918Reputation: 1918Reputation: 1918Reputation: 1918Reputation: 1918Reputation: 1918Reputation: 1918Reputation: 1918Reputation: 1918
tldr; bare metal ftw

You can talk at them for ages and nothing you can say will match even an hour of hands-on, first hand experience installing and then using a nice distro. So you are on the right path.

However, instead of a Virtual Machine, I would go the other direction: bare metal all the way. VMs add an additional level of complexity and it is hard for the students to know which is which in regards to guest and host. Worst of all, I've seen people pretend to try to run OS classes with Windoze hosts. There 100% of the contact hours were spent having the class dork around with Windoze rather than using a real OS which was ostensibly the goal of the course. That was because the VM on Windoze never, ever worked -- not even once and that kind of crap went on for many terms with no progress, to the point that I think it may have been the goal. So if you have a GNU/Linux host you'll have a better time of it but I would say that there will still be confusion as to which part of the UI is the host and which is the guest.

I ran some FOSS labs for a few years, to great effect if I must be the one to say so, and the big disadvantage to bare metal is that you are much more limited in how many can work with the machines. One of the labs was built from a truckload of otherwise discarded machines. In the beginning I just had each group erase their machines and start fresh, clearing away the previous group's work each session. It was a good way to teach how to back up and restore, with concrete results, something which is essential but all too often ignored. They did it until it became routine. Then when I could see enough were getting bored of that, I then revisited partitioning and had them set up dual / triple boot so that each team had their own instance on the shared machines and they started to appreciate stability and understand collaboration with 'distant' teammates.

We mostly used APT-based distros like Ubuntu and I'd say go with Linux Mint nowdays, but I had installer images for quite a few distros plus OpenBSD. Our bandwidth was very limited so I set up a cache and would run through any installation or upgrade in the hours preceding the first class of the day so that the lab cache was populated. That would prevent a 10-minute activity from turning into 45 minutes of bored waiting. For the cache I used Apt-Cacher and Squid at different times, sometimes both. If I recall correcly, I finally just stayed with Squid, but wconfigured ith a really large cache set to handle lots of large files such as you see when you do an upgrade.

I used dnsmasq to allocate IPv4 addresses and handle a few DNS activities. If you already know a DNS server well then use what you are familiar with combined with ISC DHCPd. I eventually just used the tools in -base. However, if you are new, hands-down it is dnsmasq. I have no advice about IPv6 yet.

Someone else did the cabling and I had some dumb switches concentrating the LAN and feeding it to an OpenBSD server, one per lab, with the afore mentioned cache, DHCP server, PXE boot, and a few of local web pages and disc images. For connection to the outside, I had some PF rules to filter and prioritize traffic for greater efficiency. OpenBSD is in some ways easier for those tasks and it also avoids monoculture.

No machines will have DVD drives these days, so it is not an option for an installation medium. Besides optical media scratch or get lost way too quickly. Anyway they never lasted more than 6 or 7 class sessions no matter how I tried, they ended up scratched or missing. So what I ended up doing instead was setting up PXE boot configured to serve up the installation image of the day. In order to begin installation, all they had to do was interrupt the initial part of the boot sequence and tell it to boot from PXE. That had the additional advantage of being even faster than DVD at the cost of obfuscating the source of the distro a little too much. I would advise against trying thumb drives though, you'll never see them again after the first class unless you hold their phones or driver's licenses hostage.

I had rather narrow rules in PF and had them say if any sites were unreachable and adjusted the filter on a case-by case basis. Keep filter logs and check them daily. Check the cache and DNS logs daily too.

Have them unplug the machines at the end of the day. This is to prevent the clever ones from setting the machine to power on automatically later and fire up a reverse SSH tunnel to the outside. It never happened, but you have to plan for stuff like that. Eventually some became quite skilled and, with some strict rules, two students were appointed as lab proctors and were given limited access to the server (via locked-down sudo) so that the others could use the lab after-hours.

(Edit: please say more about how you wish to use the lab and how independent it should be from any existing infrastructure. The above is for ground-up teaching, with students ultimately running web servers, databases, or just programming. )

Last edited by Turbocapitalist; 05-14-2019 at 02:31 PM.
 
2 members found this post helpful.
Old 05-14-2019, 06:46 PM   #6
berndbausch
Senior Member
 
Registered: Nov 2013
Location: Tokyo
Distribution: Redhat/Centos, Ubuntu, Raspbian, Fedora, Alpine, Cirros, OpenSuse/SLES
Posts: 3,090

Rep: Reputation: 810Reputation: 810Reputation: 810Reputation: 810Reputation: 810Reputation: 810Reputation: 810
Quote:
Originally Posted by daviddon View Post
The purpose of this lab is to host research application written in Python. Other than DNS and LDAP do I need to install Kerberos server?
To test Python applications, you don't need DNS or LDAP. Except if the Python applications deal with these technologies/protocols.

In short, you need to install Python and whatever else your applications need.
 
Old 05-14-2019, 07:13 PM   #7
wpeckham
Senior Member
 
Registered: Apr 2010
Location: Continental USA
Distribution: Debian, Ubuntu, Fedora, RedHat, DSL, Puppy, CentOS, Knoppix, Mint-DE, Sparky, Vsido, tinycore, Q4OS
Posts: 2,949

Rep: Reputation: 1265Reputation: 1265Reputation: 1265Reputation: 1265Reputation: 1265Reputation: 1265Reputation: 1265Reputation: 1265Reputation: 1265
I second the bare-metal suggestion. If you want to experiment, learn, and teach then that direct match between software and hardware is key. Virtualization is the golden ticket for server efficiency and TCO optimization, but not for response time, testing, or educational use.

The services you run are detemined by how you want your network to FUNCTION, and what you really want to DO (and support) with your network. I would like DNS and DHCP services myself, but I do not need anything like an SSO solution so I would not need LDAP. More detail about what you really want to accomplish and how might lead to better answers. (It also might not. Are you interested in trying, or more interested in crafting your own answers based upon contributed ideas?)
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
LXer: Black Lab Linux Enterprise and Black Lab Linux Education 5.0.3 Officially Released LXer Syndicated Linux News 0 07-07-2014 09:41 PM
LXer: Black Lab Linux for Enterprise 5.0.3 and Black Lab Linux for Education 5.0.3 released LXer Syndicated Linux News 0 07-07-2014 01:50 PM
LXer: Black Lab Linux Education 4.2.5 and Black Lab Professional Desktop 4.2.5 released LXer Syndicated Linux News 0 03-10-2014 12:00 PM
LXer: Black Lab Enterprise Linux 4.2 and Black Lab Linux 4.2 for free download LXer Syndicated Linux News 0 01-23-2014 01:30 PM

LinuxQuestions.org > Forums > Linux Forums > Linux - Newbie

All times are GMT -5. The time now is 02:22 AM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration